1. Field of the Invention
The present invention relates to an apparatus and method of generating and detecting data; more particularly, to an apparatus and method of generating and detecting prevention and control data to verify validity of data.
2. Description of the Related Art
As applied in the conventional art, the term “control” generally refers to a policy, procedure, administrative practice, or organizational structure designed to provide reasonable assurance that business objectives are achieved and that unexpected events are prevented, detected, and corrected. In a data communication system, such a control is generally classified as a preventive control, a detective control, or a corrective control.
The preventive control prevents problems before they actually occur. That is, the preventive control observes management and input, predicts potential problems before they occur, and prevents errors, omissions, and wrongful actions. The detective control detects the errors, omissions, and wrongful actions and reports the detected problems. The corrective control minimizes the impact of threats by taking precautions against the problems detected by the detective control, and corrects the problem processing system to minimize future occurrences of identical problems by identifying the causes of the problem and correcting errors. Until now, the data communication system has used only functions for detecting and correcting errors while transmitting and receiving data. The control function has not been used to prevent and detect problems by controlling data transmission in the data communication system.
FIG. 1 is a diagram illustrating a data transmitting/receiving system according to the conventional art.
Referring to FIG. 1, the conventional data transmitting/receiving system includes a transmitter 100 and a receiver 110. The transmitter 100 includes a data composing part 101, an encryption part 102, and a packaging part 103. That is, the data composing part 101 composes data to be transmitted, and the encryption part 102 encrypts the composed data. The packaging part 103 packages the encrypted data into a predetermined data format, such as a packet format, and adds signature data to the packaged data for data verification. The packaged data is transmitted to the receiver 110.
The receiver 110 includes an integrity check part 111, a depackaging part 112, and a decryption part 113. The integrity check part 111 receives the data transmitted from the transmitter 100 and performs an integrity check. The depackaging part 112 depackages the received data according to the packaging method used in the packaging part 103 of the transmitter 100. The decryption part 113 decrypts the depackaged data according to the encryption method used in the encryption part 102 of the transmitter 100. Finally, the received data is recovered to the original data.
Meanwhile, in view of data and network security, the integrity check guarantees that information is accessed and modified only by an authorized person. For the integrity check, the physical environment of a terminal and a server connected to a network is controlled, access to data is limited, and strict verification steps are maintained. Data integrity may be threatened by environmental causes such as heat, dust, or surge current. In order to guarantee data integrity in view of network management, the levels of permission assigned to all users are maintained; system management steps, limiting elements, and maintenance activities are documented; and a disaster recovery system is prepared for surge current, server malfunction, and/or virus attack.
A conventional integrity check includes a parity check scheme, a check digit scheme, and a hash value scheme. The parity check scheme inserts a parity bit into the data so that the sum of the data is an odd or even number, and verifies whether the sum of the received data is identical to the sum of the transmitted or input data. The check digit scheme adds a mathematically calculated value to the data to verify whether the original data has been modified or has been replaced by another valid value. The hash value scheme adds to the data a value calculated by a hash function having a one-way characteristic, to confirm whether the original data has been modified.
The above mentioned conventional schemes are used to verify integrity of the data, but are not used to verify the validity of the data, which determines whether the contents of the data are actually reliable.
Hereinafter, cases requiring verification of data validity in data communication will be explained with reference to FIG. 2.
FIG. 2 is a diagram illustrating a billing system according to the conventional art.
Referring to FIG. 2, when a client 200 receives a predetermined service from a service provider 210, a billing system 220 bills the client for the provided service. For example, the service provider 210 allocates pay information {1, 2, 3, 4} to each program, and the allocated pay information is used in the billing system 220 to bill the client 200. When the client 200 requests 5 programs, {1, 1, 2, 1, 3} for example, from the service provider 210, the service provider 210 encrypts the requested program information and transfers the encrypted program information to the client 200. The service provider 210 also transfers only the pay information {1, 1, 2, 1, 3} to the billing system 220. However, neither the service provider 210 nor the billing system 220 can verify whether the transferred pay information correctly corresponds to the program information provided to the client 200. That is, there is no way to verify whether a client receives information such as {1, 1, 1, 1, 3} by mistake.
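The gap between integrity and validity described above can be shown with the billing values from FIG. 2; the following is an added illustration, not part of the original specification. The weighted mod-10 check digit, the SHA-256 hash, and all function names are assumptions chosen for the demonstration, and the sample records are constructed.

```python
import hashlib

# Constructed sample data following the billing example in the text.
DELIVERED = [1, 1, 2, 1, 3]  # pay information of the programs actually provided
MISTAKEN = [1, 1, 1, 1, 3]   # pay information reported by mistake

def parity_bit(values):
    """Even-parity bit computed over every bit of the record."""
    return sum(bin(v).count("1") for v in values) % 2

def check_digit(values):
    """Weighted mod-10 check digit (assumed scheme; the text names none)."""
    total = sum(v * (i + 1) for i, v in enumerate(values))
    return (10 - total % 10) % 10

def hash_value(values):
    """One-way hash of the record (SHA-256 chosen for the example)."""
    return hashlib.sha256(bytes(values)).hexdigest()

def package(values):
    """Sender side: attach all three conventional integrity values."""
    return {"pay": list(values), "parity": parity_bit(values),
            "digit": check_digit(values), "hash": hash_value(values)}

def integrity_ok(record):
    """Receiver side: recompute each value and compare with the stored one."""
    pay = record["pay"]
    return {"parity": parity_bit(pay) == record["parity"],
            "digit": check_digit(pay) == record["digit"],
            "hash": hash_value(pay) == record["hash"]}

def content_valid(record, delivered):
    """Ground truth known only to this demo, not to the billing system."""
    return record["pay"] == delivered

def demo():
    # Case 1: the error exists before the integrity values are computed.
    at_source = package(MISTAKEN)
    # Case 2: a correct record is altered after packaging.
    in_transit = package(DELIVERED)
    in_transit["pay"] = list(MISTAKEN)
    return (integrity_ok(at_source),
            content_valid(at_source, DELIVERED),
            integrity_ok(in_transit))

if __name__ == "__main__":
    for result in demo():
        print(result)
```

In the first case every integrity check passes although the pay information does not match the delivered programs; in the second case the check digit and hash detect the alteration, while the parity bit does not because changing 2 to 1 leaves the number of set bits unchanged.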
Therefore, there is great demand for a method to verify contents of data while maintaining secrecy of the data.